1 /*
2 * Copyright (c) 2015 Andreas Schneider <asn@samba.org>
3 * Copyright (c) 2015 Jakub Hrozek <jakub.hrozek@posteo.se>
4 *
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 */
18 #include "config.h"
19
20 #include <stdlib.h>
21 #include <stdio.h>
22 #include <string.h>
23
24 #ifdef HAVE_SECURITY_PAM_APPL_H
25 #include <security/pam_appl.h>
26 #endif
27 #ifdef HAVE_SECURITY_PAM_MODULES_H
28 #include <security/pam_modules.h>
29 #endif
30
31 #include "config.h"
32
33 #define ITEM_FILE_KEY "item_file="
34
/*
 * Names of the environment variables that pam_setitem_env() looks up.
 *
 * Position matters: entry i supplies the value stored into PAM item
 * items[i], so this table and items[] must list the same entries, in the
 * same order, behind the same preprocessor guards.  The NULL at the end is
 * the loop terminator.
 */
static const char *envs[] = {
#ifndef HAVE_OPENPAM
    "PAM_SERVICE",          /* left out when HAVE_OPENPAM is defined */
#endif
    "PAM_USER",
    "PAM_USER_PROMPT",
    "PAM_TTY",
    "PAM_RUSER",
    "PAM_RHOST",
    "PAM_AUTHTOK",          /* secret: read from the process environment */
    "PAM_OLDAUTHTOK",       /* secret: read from the process environment */
#ifdef PAM_XDISPLAY
    "PAM_XDISPLAY",
#endif
#ifdef PAM_AUTHTOK_TYPE
    "PAM_AUTHTOK_TYPE",
#endif
    NULL
};
54
/*
 * PAM item types, parallel to envs[]: items[i] is the item that receives
 * the value of the environment variable named envs[i].
 *
 * There is no terminator here; the length is implied by envs[].  Any entry
 * added or guarded in one table must be mirrored in the other, otherwise
 * values land in the wrong item or the index runs past this array.
 */
static const int items[] = {
#ifndef HAVE_OPENPAM
    PAM_SERVICE,
#endif
    PAM_USER,
    PAM_USER_PROMPT,
    PAM_TTY,
    PAM_RUSER,
    PAM_RHOST,
    PAM_AUTHTOK,
    PAM_OLDAUTHTOK,
#ifdef PAM_XDISPLAY
    PAM_XDISPLAY,
#endif
#ifdef PAM_AUTHTOK_TYPE
    PAM_AUTHTOK_TYPE,
#endif
};
73
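/*
 * Copy PAM item values from the process environment into a PAM handle.
 *
 * For every name in envs[] that is set in the environment, the value is
 * passed to pam_set_item() for the item type at the same index in items[].
 * Unset variables are skipped.
 *
 * The values are used as-is, with no validation, and they include
 * PAM_AUTHTOK and PAM_OLDAUTHTOK.  Whoever controls this process's
 * environment therefore controls the user name, remote host and
 * authentication tokens recorded on the handle.
 *
 * pamh: handle whose items are overwritten.
 */
static void pam_setitem_env(pam_handle_t *pamh)
{
    /*
     * items[] carries no sentinel, so bound the walk by its real length as
     * well as by the NULL that ends envs[].  If the two tables ever drift
     * apart (for example a guard added to only one of them) the loop stops
     * instead of reading past the end of items[].
     */
    const size_t n_items = sizeof(items) / sizeof(items[0]);
    size_t i;

    for (i = 0; i < n_items && envs[i] != NULL; i++) {
        const char *value = getenv(envs[i]);

        if (value == NULL) {
            continue;
        }

        /*
         * Best effort: a failing pam_set_item() is deliberately ignored and
         * the remaining variables are still processed.
         */
        (void) pam_set_item(pamh, items[i], value);
    }
}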
92
/*
 * PAM authentication hook.
 *
 * Loads PAM items from the environment via pam_setitem_env() and then
 * reports success unconditionally.  No credential is verified here, so the
 * result says nothing about who the caller is.
 *
 * NOTE(review): presumably meant for a test harness only; if this module
 * decided the outcome of a real service's auth stack, every attempt would
 * be accepted.
 *
 * flags, argc and argv are ignored.  Always returns PAM_SUCCESS.
 */
PAM_EXTERN int
pam_sm_authenticate(pam_handle_t *pamh,
                    int flags,
                    int argc,
                    const char *argv[])
{
    /* Module options and flags are not consulted. */
    (void) argv;
    (void) argc;
    (void) flags;

    pam_setitem_env(pamh);

    return PAM_SUCCESS;
}
104
/*
 * PAM credential hook.
 *
 * Establishes no credentials itself: it only refreshes the PAM items from
 * the environment through pam_setitem_env() and reports success.
 *
 * flags, argc and argv are ignored.  Always returns PAM_SUCCESS.
 */
PAM_EXTERN int
pam_sm_setcred(pam_handle_t *pamh,
               int flags,
               int argc,
               const char *argv[])
{
    /* Module options and flags are not consulted. */
    (void) argv;
    (void) argc;
    (void) flags;

    pam_setitem_env(pamh);

    return PAM_SUCCESS;
}
116
/*
 * PAM account-management hook.
 *
 * Performs no account check (expiry, lockout, access rules): it copies the
 * PAM items from the environment with pam_setitem_env() and approves the
 * account unconditionally.
 *
 * flags, argc and argv are ignored.  Always returns PAM_SUCCESS.
 */
PAM_EXTERN int
pam_sm_acct_mgmt(pam_handle_t *pamh,
                 int flags,
                 int argc,
                 const char *argv[])
{
    /* Module options and flags are not consulted. */
    (void) argv;
    (void) argc;
    (void) flags;

    pam_setitem_env(pamh);

    return PAM_SUCCESS;
}
128
/*
 * PAM session-open hook.
 *
 * Sets up nothing for the session; it only loads the PAM items from the
 * environment via pam_setitem_env() and reports success.
 *
 * flags, argc and argv are ignored.  Always returns PAM_SUCCESS.
 */
PAM_EXTERN int
pam_sm_open_session(pam_handle_t *pamh,
                    int flags,
                    int argc,
                    const char *argv[])
{
    /* Module options and flags are not consulted. */
    (void) argv;
    (void) argc;
    (void) flags;

    pam_setitem_env(pamh);

    return PAM_SUCCESS;
}
140
/*
 * PAM session-close hook.
 *
 * Tears nothing down; it reloads the PAM items from the environment via
 * pam_setitem_env(), exactly as the other hooks do, and reports success.
 *
 * flags, argc and argv are ignored.  Always returns PAM_SUCCESS.
 */
PAM_EXTERN int
pam_sm_close_session(pam_handle_t *pamh,
                     int flags,
                     int argc,
                     const char *argv[])
{
    /* Module options and flags are not consulted. */
    (void) argv;
    (void) argc;
    (void) flags;

    pam_setitem_env(pamh);

    return PAM_SUCCESS;
}
152
/*
 * PAM password-change hook.
 *
 * Changes no password.  It copies the PAM items, including PAM_AUTHTOK and
 * PAM_OLDAUTHTOK, from the environment with pam_setitem_env() and reports
 * success.  Because flags is ignored, every phase in which the framework
 * invokes this hook gets the same answer.
 *
 * argc and argv are ignored as well.  Always returns PAM_SUCCESS.
 */
PAM_EXTERN int
pam_sm_chauthtok(pam_handle_t *pamh,
                 int flags,
                 int argc,
                 const char *argv[])
{
    /* Module options and flags are not consulted. */
    (void) argv;
    (void) argc;
    (void) flags;

    pam_setitem_env(pamh);

    return PAM_SUCCESS;
}
164
165